The remote host is missing an update as announcedvia advisory SSA:2004-140-01.

New cvs packages are available for Slackware 8.1, 9.0, 9.1, and -current tofix a buffer overflow vulnerability which could allow an attacker to runarbitrary programs on the CVS server. Sites running a CVS server shouldupgrade to the new CVS package right away.

More details about this issue may be found in the CommonVulnerabilities and Exposures (CVE) database: